Our apologies for the delay in reporting these details and any inconvenience this has caused. We wanted to make sure we fully analyzed the extent of the situation before publishing details
( Read more... )
i tried to reply to a LJ message and every time i hit 'send' i was suddenly in someone's LJ account! this happened 5 different times....i had full access to their accounts! i immediately logged out as i would want someone to get out of my account if they found themselves into.....i relogged in and it happened again and again
( ... )
"and it did last longer than 3 minutes because the next morning a LJ friend replied to a comment of mine and the first time they did---it was as a different user!!! they even said 'hey i was logged in as myself what's going on?'....so they were logged in to their own account, but when they hit the 'post comment' button it posted as by someone else....."
This is worse than I thought. The way I understood the problem is that one LJ user could see another user's stuff. I didn't realize that users could potentially be logged on as someone else AND comment as someone else. I hate to think what a vindictive person would do with that ability, even if they only had it for a few minutes.
yeah way worst...when i hit SEND on the message i was trying to send and it then had me logged into another users account i could have done ANYTHING in that account.....as some of the other commenters have said above, they could see entries, inboxes, etc.....i immediately logged out, logged back in and when i hit 'send' i ended up in someone else's LJ!!!
and when my LJ friend posted his reply to me on his LJ, he was logged in as himself but when he hit 'post comment' it posted by someone else and he was then logged as that person!! he logged out, logged back in and could comment as himself with a the hey what's going on comment....
i mean, if someone WAS vindictive they could have totally deleted and purged someone's LJ (shuddering at that thought)...that would be the worst....
Reply
This is worse than I thought. The way I understood the problem is that one LJ user could see another user's stuff. I didn't realize that users could potentially be logged on as someone else AND comment as someone else. I hate to think what a vindictive person would do with that ability, even if they only had it for a few minutes.
Reply
and when my LJ friend posted his reply to me on his LJ, he was logged in as himself but when he hit 'post comment' it posted by someone else and he was then logged as that person!! he logged out, logged back in and could comment as himself with a the hey what's going on comment....
i mean, if someone WAS vindictive they could have totally deleted and purged someone's LJ (shuddering at that thought)...that would be the worst....
Reply
Leave a comment